Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/A021C666689211ECB9BD7361C4F9AE02.roa
File: A021C666689211ECB9BD7361C4F9AE02.roa (raw, json)
Hash identifier: 9kXi8GDJO1HRznx6HpCJ3fn7eUncOpyw8IQ9zX+vNJI=
Subject key identifier: 8E:1D:2B:35:64:FE:7B:EC:C1:FD:BD:75:0C:99:50:5C:BF:18:38:96
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 648E
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/A021C666689211ECB9BD7361C4F9AE02.roa
Signing time: Wed 08 Feb 2023 13:01:57 +0000
ROA not before: Wed 08 Feb 2023 13:01:57 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 17754
IP address blocks: 103.48.68.0/23 maxlen: 24
103.48.71.0/24 maxlen: 24
103.55.213.0/24 maxlen: 24
103.105.102.0/24 maxlen: 24
113.11.224.0/22 maxlen: 24
113.11.228.0/22 maxlen: 24
175.101.0.0/16 maxlen: 24
202.133.48.0/24 maxlen: 24
202.133.49.0/24 maxlen: 24
202.133.50.0/24 maxlen: 24
202.133.51.0/24 maxlen: 24
202.133.52.0/24 maxlen: 24
202.133.53.0/24 maxlen: 24
202.133.54.0/24 maxlen: 24
202.133.55.0/24 maxlen: 24
202.133.56.0/24 maxlen: 24
202.133.57.0/24 maxlen: 24
202.133.58.0/24 maxlen: 24
202.133.59.0/24 maxlen: 24
202.133.60.0/24 maxlen: 24
202.133.61.0/24 maxlen: 24
202.133.62.0/24 maxlen: 24
202.133.63.0/24 maxlen: 24
202.153.32.0/24 maxlen: 24
202.153.33.0/24 maxlen: 24
202.153.34.0/24 maxlen: 24
202.153.35.0/24 maxlen: 24
202.153.36.0/24 maxlen: 24
202.153.37.0/24 maxlen: 24
202.153.38.0/24 maxlen: 24
202.153.39.0/24 maxlen: 24
202.153.40.0/24 maxlen: 24
202.153.41.0/24 maxlen: 24
202.153.42.0/24 maxlen: 24
202.153.43.0/24 maxlen: 24
202.153.44.0/24 maxlen: 24
202.153.45.0/24 maxlen: 24
202.153.46.0/24 maxlen: 24
202.153.47.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 25742 (0x648e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: Feb 8 13:01:57 2023 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=63e39d44-1031
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:97:05:c6:60:4a:05:4d:da:d5:15:98:0a:7b:
00:5d:76:89:1a:5a:6a:2b:44:e3:35:4b:2e:1a:5a:
45:24:f3:6d:27:43:a2:cb:83:3d:3f:5f:c3:ff:a9:
d2:bb:52:e7:97:1d:bf:33:c7:04:52:0c:a2:2e:16:
93:22:1a:ab:46:88:03:91:52:c6:fd:42:32:23:78:
2f:9b:63:ce:eb:07:cf:eb:20:6c:77:47:30:26:02:
b2:61:8f:19:1b:7c:78:8b:8f:c7:fb:5a:fc:9c:fb:
17:aa:61:2b:c6:7a:6b:dd:f1:5a:25:fc:f9:53:8f:
61:4c:45:23:6b:80:4f:a8:b1:a9:d1:54:c5:29:33:
17:ec:24:c5:c2:c1:e4:79:65:4e:a5:bc:b2:4e:02:
ad:ab:fa:cf:0d:f9:99:23:91:1a:5e:ba:69:49:c5:
84:f5:f9:eb:15:5e:14:2d:65:05:f5:26:55:8c:c0:
bc:e5:08:a2:65:3b:e8:33:cc:86:91:70:20:73:e7:
3b:a4:17:e6:28:47:43:37:83:a3:50:4a:6c:33:ac:
c7:97:5f:fe:2c:94:aa:d0:16:d7:0c:c0:fc:91:f9:
49:de:42:88:89:be:69:d0:4e:2e:b5:21:dc:6c:1c:
f4:50:d0:73:09:c0:50:18:ad:1f:ee:07:a3:a8:83:
8c:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:1D:2B:35:64:FE:7B:EC:C1:FD:BD:75:0C:99:50:5C:BF:18:38:96
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/A021C666689211ECB9BD7361C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.48.68.0/23
103.48.71.0/24
103.55.213.0/24
103.105.102.0/24
113.11.224.0/21
175.101.0.0/16
202.133.48.0/20
202.153.32.0/20
Signature Algorithm: sha256WithRSAEncryption
8d:62:47:8c:c3:ac:dd:05:55:be:7b:72:b7:64:2d:af:6c:14:
d6:a8:e5:b7:2f:b0:1a:64:4e:78:90:3f:84:41:c5:54:e9:ed:
72:f0:0d:2a:5b:0b:54:d2:59:13:6e:01:e0:c2:03:70:a8:a4:
6b:6b:5b:90:fd:a6:8e:96:e4:b6:11:42:d7:1a:b8:67:1a:83:
24:72:dd:cb:46:77:fa:b9:f6:16:f4:70:d3:2d:e0:7d:78:fe:
a0:97:41:6a:6a:74:aa:d0:a3:f9:74:c3:e2:fa:42:16:4b:b3:
3a:7c:25:9f:e2:97:09:d8:7c:97:4c:01:e7:23:68:6d:7c:8a:
52:a0:ad:16:3b:92:8e:6d:a3:a7:ce:0a:7f:1b:a5:fd:4b:30:
75:2f:4f:f1:05:7c:32:00:96:29:14:f5:cb:84:c9:84:ed:c1:
1e:7d:3a:3d:f8:39:c0:5b:36:49:c5:1f:55:28:7c:ed:8e:36:
c9:19:d3:5f:27:b4:ce:2a:6f:e0:7e:97:bd:1c:df:95:64:72:
40:57:10:ac:be:18:a5:08:5f:0b:1e:20:71:fa:a7:a8:90:b5:
58:d6:e3:c1:4e:8d:24:de:5f:84:76:ab:97:91:72:1e:c4:29:
d7:78:a2:9a:ae:eb:a6:2b:45:d8:48:bc:ab:5c:e2:00:43:2e:
b7:c2:85:00
-----BEGIN CERTIFICATE-----
MIIFmjCCBIKgAwIBAgICZI4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjMwMjA4MTMwMTU3WhcNMjMwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02M2UzOWQ0NC0xMDMxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAv5cFxmBKBU3a1RWYCnsAXXaJGlpqK0TjNUsuGlpFJPNtJ0Oiy4M9P1/D/6nS
u1Lnlx2/M8cEUgyiLhaTIhqrRogDkVLG/UIyI3gvm2PO6wfP6yBsd0cwJgKyYY8Z
G3x4i4/H+1r8nPsXqmErxnpr3fFaJfz5U49hTEUja4BPqLGp0VTFKTMX7CTFwsHk
eWVOpbyyTgKtq/rPDfmZI5EaXrppScWE9fnrFV4ULWUF9SZVjMC85QiiZTvoM8yG
kXAgc+c7pBfmKEdDN4OjUEpsM6zHl1/+LJSq0BbXDMD8kflJ3kKIib5p0E4utSHc
bBz0UNBzCcBQGK0f7gejqIOMEwIDAQABo4ICvjCCArowHQYDVR0OBBYEFI4dKzVk
/nvswf29dQyZUFy/GDiWMB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvQTAyMUM2NjY2
ODkyMTFFQ0I5QkQ3MzYxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwSAYIKwYBBQUHAQcBAf8E
OTA3MDUEAgABMC8DBAFnMEQDBABnMEcDBABnN9UDBABnaWYDBANxC+ADAwCvZQME
BMqFMAMEBMqZIDANBgkqhkiG9w0BAQsFAAOCAQEAjWJHjMOs3QVVvntyt2Qtr2wU
1qjlty+wGmROeJA/hEHFVOntcvANKlsLVNJZE24B4MIDcKika2tbkP2mjpbkthFC
1xq4ZxqDJHLdy0Z3+rn2FvRw0y3gfXj+oJdBamp0qtCj+XTD4vpCFkuzOnwln+KX
Cdh8l0wB5yNobXyKUqCtFjuSjm2jp84Kfxul/UswdS9P8QV8MgCWKRT1y4TJhO3B
Hn06Pfg5wFs2ScUfVSh87Y42yRnTXye0zipv4H6XvRzflWRyQFcQrL4YpQhfCx4g
cfqnqJC1WNbjwU6NJN5fhHarl5FyHsQp13iimq7rpitF2Ei8q1ziAEMut8KFAA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:54 2023 by rpki-client on console-ams.rpki-client.org